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DETAILED ACTION 

1. This is a Final Office Action in response to the applicant's communication filed on July 
23, 2009. 

2. Claims 1-8, 28-29 and 31-34 have been examined and are pending. 

Information Disclosure Statement 

3. The information disclosure statement (IDS) submitted on July 23, 2009 is being 
considered by the examiner. 

Specification 

4. Amendment to the specification filed on July 23, 2009 is accepted. 

Claim Objections 

5. Claims 1, 28 and 33 are objected to because of the following informalities: 
In claim 1 : line 1 "a object" should be "an object". 

In claim 28: line 7 "device is adapted to provide" should be "device provides". 

In claim 33: line 13-14 "further comprising: transmitting the object" should be 

"transmitting the object". 
Appropriate corrections are required. 
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Claim Rejections - 35 USC § 112 

6. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

7. Claims 1, 3 and 5 are rejected under 35 U.S.C. 112, second paragraph, as being 
indefinite for failing to particularly point out and distinctly claim the subject matter which 
applicant regards as the invention. 

Claim 1 : line 5 recites "at least one intermediate device" and in the next lines the claims 
recite for example in claim 1: line 8 "a next device in the transmission path". The "at least one 
intermediate device" is interpreted and considered broadly as "an intermediate device" between 
the source device and target device to constitute three devices to form the path and therefore 
invalidates the recited "a next device in the transmission path" and renders the claim to be 
indefinite and ambiguous in order to define its scope and boundary. 

Claim 3: line 5 recites "performing at least one of:" Construction and analysis of claim 3 
does not indicate a plurality of distinct performances to chose from or perform as recited "at least 
one of. Rather the features in claim 3 as a whole are particular and coherent. It is not clear 
which particular or distinct step in the claim is be performed as "at least one of and therefore 
renders claim 3 ambiguous and indefinite to define its scope and boundary. 

Response to Arguments 

8. Applicant's arguments with respect to claims 1-8, 28-29 and 31-34 have been considered 
but are moot in view of the new ground(s) of rejection. 
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Claim Rejections - 35 USC §103 

9. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

10. Claims 1-2, 4, 6-8, 28-29 and 31-34 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Suzuki (US. Pub. No.: US 2004/0259529) in view of Lee, IV et al. 
(Hereinafter referred to as Lee, US. Pub. No.: 2005/0188072). 

As per claim 1 : 

Suzuki discloses a method, comprising: 

determining security information associated with a object, wherein the security 
information is inserted in a header of the object and the object is to be transmitted from a source 
device to a target device along a transmission path that includes at least one intermediate device 
(0008; 001 1-0012; Figure 2: Terminals A-D; Authentication header); 

determining, at each of the source device, and the at least one intermediate device along 
the transmission path as the object is transmitted along the transmission path, whether a next 
device in the transmission path to which the object is to be transmitted provides a security in the 
header of the object (001 1; 0021; 0050; 0073-0074); 

transmitting, at each of the source device, and the at least one intermediate device along 
the transmission path as the object is transmitted along the transmission path, the object to the 
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next device in the transmission path in response to determining that the next device provides 
security in the header of the object (0044; 0050; 0073-0074). 

Suzuki does not explicitly disclose security information is associated with a transaction 
object and providing a level of security indicated by at least a portion of the security information. 
Lee, in analogous art, however, disclose security information is associated with a transaction 
object (0028; 0054) and providing a level of security indicated by at least a portion of the 
security information (0043; security specific policy; 0054; 0094; level of policy application; 
0106-0107). Therefore, it would have been obvious to a person having ordinary skill in the art at 
the time the invention was made to modify the system disclosed by Suzuki to include security 
information is associated with a transaction object and providing a level of security indicated by 
at least a portion of the security information. This modification would have been obvious 
because a person having ordinary skill in the art would have been motivated to do to dynamically 
construct a protocol to facilitate communication between nodes and across multiple nodes and 
utilize policies associated with the nodes to specify protocol properties of the nodes and select a 
policy expression in a policy related to a node by another node to construct a protocol between 
the two nodes as suggested by Lee in (0007). 

As per claim 2: 

Lee discloses the object is a business object, and wherein determining next device in the 
transmission path provides the level of security comprises: transmitting to the next device in the 
transmission path information representative of the level of security that is desired; and receiving 
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a response from the next device in the transmission path indicating that the next device in the 
transmission path provides the desired level of security (001 1; 0034; 0037). 

As per claim 4: 

Lee discloses the security information comprises determining security information 
relating to at least one of connection information, class information, trusted entities information, 
and logging capability information (0068-0069). 

As per claim 6: 

Lee discloses determining an alternative intermediate device along a different 
transmission path that is adapted to provide provides the level of security represented required by 
the at least a portion of the security information in response to determining that the adjacent 
intermediate next device in the transmission path does not adapted to provide the level of 
security required by the at least a portion of the security information (0083-088; 0100). 

As per claim 7: 

Lee discloses sending a message to the next device in the transmission path instructing 
the next device to execute at least one module that allows the next device to provide the level of 
security required by the at least a portion of the security information (0083-088). 



As per claim 8: 
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Suzuki discloses determining the security information comprises determining the security 
information in response to receiving the object from at least one of a previous device or a source 
device in the transmission path (001 1; 0021; 0050; 0073-0074). 

As per claim 3 1 : 

Lee discloses at least one intermediate device includes at least a first intermediate device 
and a second intermediate device; 

wherein determining if a next device in the transmission path provides a level of security 
required by the at least a portion of security information includes performing the determining at 
the source device, wherein the next device is the first intermediate device (0010; 0021; 0083- 
088); 

wherein transmitting the object to the next device comprises transmitting the object to the 
first intermediate device, and wherein in response to determining that the next device provides 
the level of security and in response to determining that the first intermediate device provides the 
level of security (0083-088; 0094); 

determining, at the first device, is second device of the plurality of intermediate devices 
that is adjacent the first device provides the level of security indicated by the at least a portion of 
the security information (0094; 0104; 0108; Figure 5: 500), 

transmitting the object to the second device of the plurality of intermediate devices in 
response to determining that the second device provides the level of security; and transmitting 
the object to the target device from the second device (0094; 0104; 0108; Figure 5: 500). 
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As per claim 32: 

Lee discloses determining an alternative intermediate device along a different 
transmission path that provides the level of security represented in response to determining that 
at least one of the first intermediate device and the second intermediate device in the 
transmission path does not provide the level of security (0054; 0100). 

As per claim 33: 

Lee discloses the at least one intermediate device includes a plurality of intermediate 
devices; 

wherein determining if an adjacent intermediate a next device in the transmission path is 
adapted to provide provides a level of security comprises determining, at a previous device in the 
transmission path, a security level for each intermediate device of the plurality of intermediate 
devices (0084; 0094; 0100); 

wherein transmitting the object to the adjacent intermediate next device in the 
transmission path in response to determining that the adjacent intermediate next device is 
adapted to provide the level of security: comprises transmitting the object to each of the plurality 
of intermediate devices in the transmission path in response to determining that each of the 
plurality of intermediate devices is adapted to provide provides the level of security; further 
comprising: transmitting the object to the target device (0084; 0094; 0100). 



As per claim 34: 
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Lee discloses the object is one of a plurality of objects of the transaction, and wherein at 
least two of the objects in the plurality of objects have different security information in their 
respective headers identifying different levels of security required to be provided by devices 
along corresponding transmission paths to receive the at least two objects (0083-088; 0100). 

As per claim 28: 

Suzuki discloses a method, comprising: 

receiving, at a first device along a transmission path from a source device to a target 
device, a request from a second device along the transmission path desiring to transmit an object 
to a third device, wherein the request includes security information associated with the object, 
the security information being provided in a header of the object (0008; 0011-0012; Figure 2: 
Terminals A-D; Authentication header); 

determining if the first device is adapted to provide a security identified by the security 
information in the header of the object; and transmitting an indication to the second device based 
on determining if the first device provides the security identified by the security information 
(0011; 0021; 0050; 0073-0074); and 

receiving, in the first device, the object from the second device only in response to the 
first device transmitting an indication that the first device the security information (0044; 0050; 
0073-0074). 

Suzuki does not explicitly disclose providing a level of security indicated by at least a 
portion of the security information. Lee, in analogous art, however, disclose providing a level of 
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security indicated by at least a portion of the security information (0043; security specific policy; 
0054; 0094; level of policy application; 0106-0107). Therefore, it would have been obvious to a 
person having ordinary skill in the art at the time the invention was made to modify the system 
disclosed by Suzuki to include providing a level of security indicated by at least a portion of the 
security information. This modification would have been obvious because a person having 
ordinary skill in the art would have been motivated to do to dynamically construct a protocol to 
facilitate communication between nodes and across multiple nodes and utilize policies associated 
with the nodes to specify protocol properties of the nodes and select a policy expression in a 
policy related to a node by another node to construct a protocol between the two nodes as 
suggested by Lee in (0007). 

As per claim 29: 

Lee discloses configuring the first device with at least one module that provides the level 
of security (0083-088). 

Allowable Subject Matter 

11. Claims 3 and 5 are objected to as being dependent upon a rejected base claim, but would 
be allowable if rewritten in independent form including all of the limitations of the base claim 
and any intervening claims and in addition if each and every rejection and objection of given 
above for this claim is overcome. 

The following is a statement of reasons for the indication of allowable subject matter: 
Claim 3 includes the following features which are not taught or further suggested and would not 
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have been obvious over prior arts of record as a whole either taken alone or in combination and 
with particular features of: prompting the next deice in the transmission path to execute one 
module that allows the next deice in the transmission path to prove the desired security level and 
comparing a list of trusted devices in a header portion of transmitted header objects that 
comprises an object handler module as defined and described in claim 3. 

Conclusion 

12. The prior arts made of record and not relied upon are considered pertinent to applicant's 
disclosure. See the notice of reference cited in form PTO-892 for additional prior arts. 

13. Applicant's amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 
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Contact Information 

14. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Techane J. Gergiso whose telephone number is (571) 272-3784 
and fax number is (571) 273-3784. The examiner can normally be reached on between 9:00am - 
6:00pm. If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



/Techane J. Gergiso/ 
Examiner, Art Unit 2437 



